Description
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, gain privileges, obtain sensitive information.
Below is a complete list of vulnerabilities:
- A spoofing vulnerability in Azure Apache Oozie can be exploited remotely to spoof user interface.
- A spoofing vulnerability in Azure Apache Ambari can be exploited remotely to spoof user interface.
- A spoofing vulnerability in Azure DevOps Server can be exploited remotely to spoof user interface.
- A spoofing vulnerability in Azure Apache Hive can be exploited remotely to spoof user interface.
- An elevation of privilege vulnerability in Azure Arc-Enabled Servers can be exploited remotely to gain privileges.
- A spoofing vulnerability in Azure HDInsight Jupyter Notebook can be exploited remotely to spoof user interface.
- A spoofing vulnerability in Azure Apache Hadoop can be exploited remotely to spoof user interface.
- An information disclosure vulnerability can be exploited remotely to obtain sensitive information.
Original advisories
- CVE-2023-36881
- CVE-2023-36869
- CVE-2023-35393
- CVE-2023-38176
- CVE-2023-35394
- CVE-2023-38188
- CVE-2023-20569
Exploitation
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
- CVE-2023-20569 warning
- CVE-2023-36877 warning
- CVE-2023-36881 warning
- CVE-2023-36869 high
- CVE-2023-35393 warning
- CVE-2023-38176 high
- CVE-2023-35394 warning
- CVE-2023-38188 warning
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!